Access to S3 is denied

[shrdaga]

Access to S3 is denied. Can you provide the access to S3?

[tiffanyfay]

This is fixed now. Thanks.

[carter3d]

Looks like S3 access is denied again

[tiffanyfay]

Thanks. Looking into it.

[kkalavantavanich]

Facing the same issue.

[tiffanyfay]

Thanks. I am hoping this will be resolved soon.

[romafederico]

Template URLs should be changed to:
https://https://s3-${AWS::Region}.amazonaws.com/${TemplateBucket}/templates/xxx.yaml

[tiffanyfay]

@kkalavantavanich @carter3d It should be fixed now!

@romafederico The path was not the issue. It's the s3 permissions.

[khanna-vijay]

Am getting "Template validation error: S3 error: Access Denied". Can you please help for this.

[tiffanyfay]

@vijay-khanna At what point are you getting this and what region? I just launched it in Virginia. Thanks.

[khanna-vijay]

@vijay-khanna At what point are you getting this and what region? I just launched it in Virginia. Thanks.

@tiffanyfay :

I get this just when i click "Deploy"- "Rocket Launcher Icon" for all regions on this page. https://github.com/awslabs/ecs-refarch-continuous-deployment

the error is :
Error
Template validation error: S3 error: Access Denied For more information check http://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html

[tiffanyfay]

@vijay-khanna Does your user have s3 permissions?

If you have your CLI set up, can you get the file?
aws s3 cp s3://ecs-refarch-continuous-deployment/ecs-refarch-continuous-deployment.yaml

[khanna-vijay]

@tiffanyfay : I have logged in as Administrator, and have been able to launch other CloudFormation Templates.
This is the one i just launched for testing the access issue : https://github.com/awslabs/aws-full-stack-template.

It got deployed fine.

I guess your S3 bucket hosting this code is possibly disabled for Reads at Global level, with new S3 Permissions coming in recently.

i tried the command from CLI and get below error "fatal error: An error occurred (403) when calling the HeadObject operation: Forbidden"

Can you please check your S3 bucket if the "Block all public access" has been enabled.

[tiffanyfay]

@vijay-khanna It's not my bucket and belongs to another team. I'll look into it. Thanks.

[tiffanyfay]

@vijay-khanna Can you try now? And yes, that amongst a few other things were enabled.

[khanna-vijay]

@ tiffanyfay : This is working fine. Thanks for your help.

[tiffanyfay]

@vijay-khanna Great thanks!

[smrutiranjantripathy]

@tiffanyfay I'm getting the same error.

[tiffanyfay]

@smrutiranjantripathy Ugh not again :(. I left Amazon and don't have the contact of the people who got this fixed before.

@jpignata Could you contact the people you had referred me to previously? I didn't keep their emails. Thanks.

[TheToddLuci0]

Looks like the issue is back.

[sthanushkodi]

back to the old access denied issue looks like... anyone has a different location for the template?

[pedrofurtado]

@tiffanyfay The bucket has not access. Can you help us?

[nathanpeck]

This bucket is no longer provided online. Note that this reference architecture is 7 years old at this point, and you should consider using a more modern version of it. For example:

• https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/automatically-build-ci-cd-pipelines-and-amazon-ecs-clusters-for-microservices-using-aws-cdk.html
• https://docs.aws.amazon.com/codepipeline/latest/userguide/ecs-cd-pipeline.html

That said, you can find the template source code here: https://github.com/awslabs/ecs-refarch-continuous-deployment/tree/master/templates

[tiffanyfay]

@pedrofurtado I don't work at Amazon anymore so I am not sure about how to fix the bucket. I talked to Nathan and would go with what he sent.